The PCI Security Standards Council (PCI SSC) has released its first-ever annual report, underscoring a sharpened focus on India and South Asia as the region’s digital payments ecosystem continues to expand at scale.
The report notes broader representation in governance, including a record 64-member global Board of Advisors for the 2025–2027 term to increase geographical and market diversity. A key milestone was the launch of the India–South Asia Regional Engagement Board (REB) in August 2025, aimed at localising global payment security standards for one of the world’s fastest-growing digital payments markets.
The India–South Asia REB includes leading organisations such as National Payments Corporation of India, HDFC Bank, Google, Cred and Zeta, among others. The board will advise PCI SSC on regional risks, implementation challenges and evolving fraud patterns specific to India and South Asia, providing local firms with a more direct channel into how future PCI standards are drafted and revised.
Gina Gobeyn, Executive Director, PCI SSC, said the inaugural annual report reflects the collective effort of participating organisations and stakeholders to advance payment security globally amid rising transaction volumes and technological shifts.
India has become a critical market for global payment security frameworks due to the scale of transactions flowing through digital rails such as UPI, cards, wallets and embedded payments. The report highlights a sharp global rise in transaction volumes, speed and complexity, alongside an expanding threat landscape driven by emerging technologies and third-party integrations.
For India, where mobile-led payments dominate, PCI SSC said 2025 saw heightened attention to mobile payment security, e-commerce safeguards and software security standards. The Council also introduced guidance on the use of artificial intelligence in payment environments, including principles for AI use in PCI assessments, as banks and fintechs increasingly deploy AI for fraud detection and onboarding.
Additionally, PCI SSC established an E-commerce Guidance Task Force to address practical security implementation challenges faced by merchants and payment processors.
Aniket Bhosle, Partner, Technology Consulting, Ernst & Young LLP, said the report reflects stronger alignment across standards, guidance and training to address a more complex payments landscape.
Nitin Bhatnagar, Regional Director – India, South Asia and Middle East, PCI SSC, highlighted the importance of community-driven collaboration in strengthening payment security across emerging markets.
As it approaches its 20th anniversary in 2026, PCI SSC said it will continue expanding regional participation and training programmes in India and other high-growth markets.
Send news announcements/press releases to:
editor@thefoundermedia.com
